Sometimes during a pentest we get a low-privileged shell in which we can't do much. The simplest way to turn that shell into a fully functional one is to drop an SSH key and connect using SSH.

Generate SSH key

ssh-keygen -f myssh-key

This command will create 2 files in the current folder

  1. myssh-key - This is the private key
  2. myssh-key.pub - This is the public key, which needs to be in the other machine's authorized_keys file

Copy The Public Key


Paste it into the victim machine's authorized_keys file


Change the permissions of the private key

chmod 600 myssh-key

Connect using ssh

ssh -i myssh-key user@<IP>
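
From the defending side, a key added this way shows up as an extra entry in authorized_keys. The following Python script, an added example that is not part of the original post, fingerprints every entry in a constructed sample file and reports the ones missing from an approved set; the sample key blobs, comments and approved set are assumptions made for illustration.

```python
import base64
import hashlib
import struct

KEY_TYPES = ("ssh-", "ecdsa-sha2-", "sk-")

def fingerprint(blob_b64):
    """SHA256 fingerprint in the form shown by `ssh-keygen -l`."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Yield (key_type, fingerprint, comment) for each key line."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # Options may precede the key type, so locate the type token first.
        for i, tok in enumerate(fields[:-1]):
            if tok.startswith(KEY_TYPES):
                try:
                    fp = fingerprint(fields[i + 1])
                except ValueError:
                    break  # blob is not valid base64; skip the line
                yield tok, fp, " ".join(fields[i + 2:])
                break

def unexpected_keys(text, approved):
    """Return entries whose fingerprint is not in the approved set."""
    return [k for k in parse_authorized_keys(text) if k[1] not in approved]

def _fake_ed25519(seed):
    """Constructed key blob (not a real key) in SSH wire format."""
    name = b"ssh-ed25519"
    blob = struct.pack(">I", len(name)) + name + struct.pack(">I", 32) + bytes([seed]) * 32
    return base64.b64encode(blob).decode()

ADMIN, UNKNOWN = _fake_ed25519(1), _fake_ed25519(2)
# Constructed sample file: one approved key, one unreviewed key with options.
SAMPLE = f"""# constructed sample authorized_keys
ssh-ed25519 {ADMIN} admin@workstation
no-pty,command="/usr/bin/true" ssh-ed25519 {UNKNOWN} myssh-key
"""
APPROVED = {fingerprint(ADMIN)}  # assumption: fingerprints recorded at provisioning

if __name__ == "__main__":
    for key_type, fp, comment in unexpected_keys(SAMPLE, APPROVED):
        print(f"UNEXPECTED {key_type} {fp} {comment}")
```

Comparing fingerprints instead of comments matters because the comment field is free text chosen by whoever generated the key.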